using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;

public partial class Home : System.Web.UI.Page
{
    LCL LCLC = new LCL();
    SQLInteract objSQL = new SQLInteract();

    protected void Page_Load(object sender, EventArgs e)
    {
        Master.Page.Title = "GSTAR-Login";
        txtEmailId.Attributes.Add("readonly", "readonly");
        Page.ClientScript.RegisterStartupScript(this.GetType(), "clientscript", "document.getElementById('menu_strip').style.display='none';", true);
    }
    protected void cmdLogin_Click(object sender, EventArgs e)
    {
        SqlDataReader drSQL;

        try
        {
            String sUsrName = this.txtUsername.Text;
            String sPwd = this.txtPassword.Text;

            string encryptedPassword = LCLC.EncryptPassword(sPwd.Trim().ToString(), "userPassword");

            string sUsr;
            string sRole;
            string sUsrId;

            sUsr = string.Empty;
            sRole = string.Empty;

            String errMsg = "Invalid Username or Password!!";

            drSQL = objSQL.ReturnDataReader("SELECT LOGIN_ID, PASSWRD, FIRST_NAME, LAST_NAME, USR_ROLE, EMAIL_ADDR FROM USER_TB WHERE LOGIN_ID='" + sUsrName + "' and PASSWRD='" + encryptedPassword + "'");

            if (drSQL.HasRows)
            {
                if (drSQL.Read())
                {
                    txtUsername.Text = "";
                    txtPassword.Text = "";

                    sUsr = drSQL.GetString(2) + " " + drSQL.GetString(3);
                    sRole = drSQL.GetString(4);
                    sUsrId = drSQL.GetString(0);

                    Session["UserId"] = sUsrId;
                    Session["UserName"] = sUsr;
                    Session["UserRole"] = sRole;

                    Response.Redirect("Home.aspx", false);
                    LoginBoxPanel.Visible = false;
                    NewUserPanel.Visible = false;
                    PasswordChangePanel.Visible = false;
                }
            }
            else
            {
                txtUsername.Text = "";
                txtPassword.Text = "";
                lblInfoMsgs.Text = "";
                this.ClientScript.RegisterStartupScript(this.Page.GetType(), "Alert", "alert(\"Error: " + errMsg + "\");", true);
            }
            //}
            //else
            //{
            //    txtUsername.Text = "";
            //    txtPassword.Text = "";
            //    this.ClientScript.RegisterStartupScript(this.Page.GetType(), "Alert", "alert(\"Error: " + errMsg + "\");document.getElementById(\"UserName\").value=\"\";document.getElementById(\"Password\").value=\"\";", true);
            //    sCmd.Dispose();
            //    sConn.Close();
            //}
        }
        catch (Exception ee)
        {
            this.ClientScript.RegisterStartupScript(this.Page.GetType(), "Alert", "alert(\"Error: " + ee.Message + "\");", true);
            lblInfoMsgs.Text = "";
        }

    }
    protected void lnkNewUserCreate_Click(object sender, EventArgs e)
    {
        LoginBoxPanel.Visible = false;
        NewUserPanel.Visible = true;
        PasswordChangePanel.Visible = false;
        lblInfoMsgs.Text = "";
        Page.Title = "GSTAR | Sign Up";
    }

    protected void btnCreatePassword_Click(object sender, EventArgs e)
    {
        LoginBoxPanel.Visible = false;
        NewUserPanel.Visible = false;
        PasswordChangePanel.Visible = false;

        SqlDataReader drSQL;

        try
        {
            //String nwUsrNm = this.txtUserName.Text;
            String nwUsrPwd = this.txtShortId.Text;
            SqlConnection sConn = new SqlConnection(ConfigurationManager.ConnectionStrings["AvivaTPortalConnectionString"].ConnectionString);
            sConn.Open();

            string encryptedPassword = LCLC.EncryptPassword(txtShortId.Text.Trim().ToString(), "userPassword");

            //string sstd = LCLC.fnDecrypt(sst, "password");

            String errMsg = "User already exists!!";
            //To be changed...............................
            SqlCommand sCmd = new SqlCommand("SELECT LOGIN_ID FROM USER_TB WHERE LOGIN_ID='" + nwUsrPwd + "'", sConn);

            if (sCmd != null)
            {
                drSQL = sCmd.ExecuteReader();
                if (drSQL.HasRows)
                {
                    this.ClientScript.RegisterStartupScript(this.Page.GetType(), "Alert", "alert(\"Error: " + errMsg + "\");", true);
                }
                else
                {
                    drSQL.Close();
                    SqlCommand sCmdIn = new SqlCommand("Insert into USER_TB values('" + txtShortId.Text.Trim().ToString() + "','" + encryptedPassword.Trim().ToString() + "','" + txtLastName.Text.Trim().ToString() + "','" + txtFirstName.Text.Trim().ToString() + "','User','" + txtEmailId.Text.Trim().ToString() + "',0,0,'" + DateTime.Now.ToString() + "','','" + rboGender.SelectedValue.ToString() + "')", sConn);
                    sCmdIn.ExecuteNonQuery();
                    lblInfoMsgs.Text = "<font color='green'>User Created.Default password has been set same as your ID: '<b>" + txtShortId.Text.Trim().ToString() + "</b>'<br/><h3>Login Now.</h3></font>";
                    sCmdIn.Dispose();
                    LoginBoxPanel.Visible = true;
                }
                txtShortId.Text = "";
                txtFirstName.Text = "";
                txtLastName.Text = "";
                txtEmailId.Text = "";
            }
            else
            {
                sCmd.Dispose();
                sConn.Close();
            }
        }
        catch (Exception ee)
        {
            this.ClientScript.RegisterStartupScript(this.Page.GetType(), "Alert", "window.alert('Error: " + ee.Message + "');", true);
        }

    }
    protected void lnkLoginNow_Click(object sender, EventArgs e)
    {
        LoginBoxPanel.Visible = true;
        NewUserPanel.Visible = false;
        PasswordChangePanel.Visible = false;
    }
    protected void NewUsrCancel_Click(object sender, EventArgs e)
    {
        LoginBoxPanel.Visible = true;
        NewUserPanel.Visible = false;
        PasswordChangePanel.Visible = false;
        txtShortId.Text = "";
        txtFirstName.Text = "";
        txtLastName.Text = "";
        txtEmailId.Text = "";
    }

    protected void nlkChangePassword_Click(object sender, EventArgs e)
    {
        LoginBoxPanel.Visible = false;
        NewUserPanel.Visible = false;
        PasswordChangePanel.Visible = true;
        lblInfoMsgs.Text = "";
        Page.Title = "GSTAR | Change Password";
    }
    protected void btnCPCancel_Click(object sender, EventArgs e)
    {
        LoginBoxPanel.Visible = true;
        NewUserPanel.Visible = false;
        PasswordChangePanel.Visible = false;
        txtCurrentPassword.Text = "";
        txtNewPassword.Text = "";
        txtRetypeNewPassword.Text = "";
    }
    protected void btnChangePassword_Click(object sender, EventArgs e)
    {
        LoginBoxPanel.Visible = false;
        NewUserPanel.Visible = false;
        lblInfoMsgs.Text = "";

        SqlDataReader drSQL;

        try
        {
            String strNewPwd = txtNewPassword.Text;
            String username = txtUser.Text;
            SqlConnection sConn = new SqlConnection(ConfigurationManager.ConnectionStrings["AvivaTPortalConnectionString"].ConnectionString);
            sConn.Open();

            string encryptedOldPassword = LCLC.EncryptPassword(txtCurrentPassword.Text.Trim(), "userPassword");
            string encryptedNewPassword = LCLC.EncryptPassword(strNewPwd.Trim(), "userPassword");

            SqlCommand sCmd = new SqlCommand("SELECT FIRST_NAME,LAST_NAME FROM USER_TB WHERE LOGIN_ID='" + username + "' and PASSWRD='" + encryptedOldPassword + "'", sConn);

            if (sCmd != null)
            {
                drSQL = sCmd.ExecuteReader();
                if (drSQL.HasRows)
                {
                    string strSuccessMsg = "";
                    while (drSQL.Read())
                    {
                        strSuccessMsg = "Hi " + drSQL["FIRST_NAME"].ToString() + " " + drSQL["LAST_NAME"].ToString() + ".Your password has been changed Sucessfully.";
                    }
                    drSQL.Close();
                    SqlCommand sCmdIn = new SqlCommand("Update USER_TB set PASSWRD='" + encryptedNewPassword.Trim().ToString() + "' where LOGIN_ID='" + username.Trim() + "'", sConn);
                    sCmdIn.ExecuteNonQuery();
                    sCmdIn.Dispose();
                    this.ClientScript.RegisterStartupScript(this.Page.GetType(), "Alert", "alert(\"" + strSuccessMsg + "\");", true);
                    LoginBoxPanel.Visible = true;
                    PasswordChangePanel.Visible = false;
                }
                else
                {
                    string errMsg = "No user found with provided username & password.";
                    this.ClientScript.RegisterStartupScript(this.Page.GetType(), "Alert", "alert(\"Error: " + errMsg + "\");", true);
                }
                txtUser.Text = "";
                txtCurrentPassword.Text = "";
                txtNewPassword.Text = "";
                txtRetypeNewPassword.Text = "";
            }
            else
            {
                sCmd.Dispose();
                sConn.Close();
            }
        }
        catch (Exception ee)
        {
            this.ClientScript.RegisterStartupScript(this.Page.GetType(), "Alert", "window.alert('Error: " + ee.Message + "');", true);
        }
    }
}
